'\" te
.\" To view license terms, attribution, and copyright for IP Filter, the default path is /usr/lib/ipf/IPFILTER.LICENCE. If the Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the installed
.\" location.
.\" Portions Copyright (c) 2008, Sun Microsystems Inc. All Rights Reserved.
.\" Portions Copyright (c) 2012, Joyent, Inc. All Rights Reserved.
.TH IPPOOL 8 "Nov 26, 2012"
.SH NAME
ippool \- user interface to the IP Filter pools
.SH SYNOPSIS
.LP
.nf
\fBippool\fR \fB-a\fR [\fB-dnv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-o\fR \fIrole\fR] \fB-i\fR \fIipaddr\fR
     [/\fInetmask\fR]
.fi

.LP
.nf
\fBippool\fR \fB-A\fR [\fB-dnv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-o\fR \fIrole\fR] [\fB-S\fR \fIseed\fR]
     [\fB-t\fR \fItype\fR]
.fi

.LP
.nf
\fBippool\fR \fB-f\fR \fIfile\fR [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-dnuv\fR]
.fi

.LP
.nf
\fBippool\fR \fB-F\fR [\fB-dv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-o\fR \fIrole\fR] [\fB-t\fR \fItype\fR]
.fi

.LP
.nf
\fBippool\fR \fB-h\fR [\fB-dv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-t\fR \fItype\fR]
.fi

.LP
.nf
\fBippool\fR \fB-l\fR [\fB-dv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-t\fR \fItype\fR]
.fi

.LP
.nf
\fBippool\fR \fB-r\fR [\fB-dnv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-o\fR \fIrole\fR] \fB-i\fR \fIipaddr\fR
     [/\fInetmask\fR]
.fi

.LP
.nf
\fBippool\fR \fB-R\fR [\fB-dnv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-o\fR \fIrole\fR] [\fB-t\fR \fItype\fR]
.fi

.LP
.nf
\fBippool\fR \fB-s\fR [\fB-dtv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-M\fR \fIcore\fR] [\fB-N\fR \fInamelist\fR]
.fi

.SH DESCRIPTION
.LP
The \fBippool\fR utility is used to manage information stored in the IP pools
subsystem of IP Filter software. Configuration file information can be parsed
and loaded into the kernel and currently configured pools can be removed,
changed, or inspected.
.sp
.LP
\fBippool\fR's use is restricted through access to \fB/dev/ippool\fR. The
default permissions of \fB/dev/ippool\fR require \fBippool\fR to be run as root
for all operations.
.sp
.LP
The command line options used are divided into two sections: the global options
and the instance-specific options.
.sp
.LP
\fBippool\fR's use is restricted through access to \fB/dev/ipauth\fR,
\fB/dev/ipl\fR, and \fB/dev/ipstate\fR. The default permissions of these files
require \fBippool\fR to be run as root for all operations.
.SH OPTIONS
.LP
\fBippool\fR supports the option categories described below.
.SS "Global Options"
.LP
The following global options are supported:
.sp
.ne 2
.na
\fB\fB-d\fR\fR
.ad
.RS 6n
Toggle debugging of processing the configuration file.
.RE

.sp
.ne 2
.na
\fB\fB-n\fR\fR
.ad
.RS 6n
Prevents \fBippool\fR from doing anything, such as making ioctl calls, that
would alter the currently running kernel.
.RE

.sp
.ne 2
.na
\fB\fB-v\fR\fR
.ad
.RS 6n
Turn verbose mode on.
.RE

.sp
.ne 2
.na
\fB\fB-z\fR \fIzonename\fR\fR
.ad
.RS 6n
Manage the specified zone's in-zone IP pools. If neither this option nor
\fB-G\fR is specified, the current zone is used. This command is only
available in the Global Zone. See \fBZONES\fR in \fBipf\fR(8) for more
information.
.RE

.sp
.ne 2
.na
\fB\fB-G\fR \fIzonename\fR\fR
.ad
.RS 6n
Manage the specified zone's global zone controlled IP pools. If neither this
option nor \fB-z\fR is specified, the current zone is used. This command is
only available in the Global Zone. See \fBZONES\fR in \fBipf\fR(8) for more
information.
.RE

.SS "Instance-Specific Options"
.LP
The following instance-specific options are supported:
.sp
.ne 2
.na
\fB\fB-a\fR\fR
.ad
.RS 11n
Add a new data node to an existing pool in the kernel.
.RE

.sp
.ne 2
.na
\fB\fB-A\fR\fR
.ad
.RS 11n
Add a new (empty) pool to the kernel.
.RE

.sp
.ne 2
.na
\fB\fB-f\fR \fIfile\fR\fR
.ad
.RS 11n
Read in IP pool configuration information from \fIfile\fR and load it into the
kernel.
.RE

.sp
.ne 2
.na
\fB\fB-F\fR\fR
.ad
.RS 11n
Flush loaded pools from the kernel.
.RE

.sp
.ne 2
.na
\fB\fB-h\fR\fR
.ad
.RS 11n
Display a list of pools of the type: hash loaded in the kernel.
.RE

.sp
.ne 2
.na
\fB\fB-l\fR\fR
.ad
.RS 11n
Display a list of pools of the type: tree loaded in the kernel.
.RE

.sp
.ne 2
.na
\fB\fB-r\fR\fR
.ad
.RS 11n
Remove an existing data node from a pool in the kernel.
.RE

.sp
.ne 2
.na
\fB\fB-R\fR\fR
.ad
.RS 11n
Remove an existing pool from within the kernel.
.RE

.sp
.ne 2
.na
\fB\fB-s\fR\fR
.ad
.RS 11n
Display IP pool statistical information.
.RE

.SS "Other Options"
.LP
The following, additional options are supported:
.sp
.ne 2
.na
\fB\fB-i\fR \fIipaddr\fR[/\fInetmask\fR]\fR
.ad
.RS 23n
Sets the IP address for the operation being undertaken with an all-one's mask
or, optionally, a specific netmask, given in either dotted-quad notation or as
a single integer.
.RE

.sp
.ne 2
.na
\fB\fB-m\fR \fIpoolname\fR\fR
.ad
.RS 23n
Sets the pool name for the current operation.
.RE

.sp
.ne 2
.na
\fB\fB-M\fR \fIcore\fR\fR
.ad
.RS 23n
Specify an alternative path to \fB/dev/kmem\fR from which to retrieve
statistical information.
.RE

.sp
.ne 2
.na
\fB\fB-N\fR \fInamelist\fR\fR
.ad
.RS 23n
Specify an alternative path to lookup symbol name information when retrieving
statistical information.
.RE

.sp
.ne 2
.na
\fB\fB-o\fR \fIrole\fR\fR
.ad
.RS 23n
Sets the role with which this pool is to be used. Currently only \fBipf\fR,
\fBauth\fR, and \fBcount\fR are accepted as arguments to this option.
.RE

.sp
.ne 2
.na
\fB\fB-S\fR \fIseed\fR\fR
.ad
.RS 23n
Sets the hashing seed to the number specified. For use with hash-type pools
only.
.RE

.sp
.ne 2
.na
\fB\fB-t\fR \fItype\fR\fR
.ad
.RS 23n
Sets the type of pool being defined. Must be one of \fBpool\fR, \fBhash\fR, or
\fBgroup-map\fR.
.RE

.sp
.ne 2
.na
\fB\fB-u\fR\fR
.ad
.RS 23n
When parsing a configuration file, rather than load new pool data into the
kernel, unload it.
.RE

.SH FILES
.ne 2
.na
\fB\fB/dev/ippool\fR\fR
.ad
.RS 24n
Link to IP Filter pseudo device.
.RE

.sp
.ne 2
.na
\fB\fB/dev/kmem\fR\fR
.ad
.RS 24n
Special file that provides access to virtual address space.
.RE

.sp
.ne 2
.na
\fB\fB/etc/ipf/ippool.conf\fR\fR
.ad
.RS 24n
Location of \fBippool\fR startup configuration file.
.RE

.SH ATTRIBUTES
.LP
See \fBattributes\fR(7) for descriptions of the following attributes:
.sp

.sp
.TS
box;
c | c
l | l .
ATTRIBUTE TYPE	ATTRIBUTE VALUE
_
Interface Stability	Committed
.TE

.SH SEE ALSO
.LP
.BR ippool (5),
.BR attributes (7),
.BR zones (7),
.BR ipf (8),
.BR ipfstat (8)
